Bug - can't configure MQ console to use OIDC, webuser.xml.tpl isn't rendered.
CLIN42 opened this issue · 0 comments
CLIN42 commented
version: 9.3.3.1
platform: Azure Kubernetes Service
Description
We're trying to configure OIDC for the MQ console as per the template here. The configuration is added as environment variables, as below, as part of the StatefulSet:
env:
  - name: MQ_BETA_ENABLE_SSO
    value: "1"
  - name: MQ_OIDC_CLIENT_ID
    value: "our client id on Azure AD"
  - name: MQ_OIDC_CLIENT_SECRET
    value: "client secret on Azure AD"
  - name: MQ_OIDC_UNIQUE_USER_IDENTIFIER
    value: "unique_name"
  - name: MQ_OIDC_AUTHORIZATION_ENDPOINT
    value: "https://login.microsoftonline.com/{our tenant}/oauth2/v2.0/authorize"
  - name: MQ_OIDC_TOKEN_ENDPOINT
    value: "https://login.microsoftonline.com/{our tenant}/oauth2/v2.0/token"
  - name: MQ_OIDC_JWK_ENDPOINT
    value: "https://login.microsoftonline.com/{our tenant}/discovery/v2.0/keys"
  - name: MQ_OIDC_ISSUER_IDENTIFIER
    value: "Microsoft issuer"
What happened
The injected environment variables never take effect. After the Pod is started, checking at /etc/mqm/web/installations/Installation1/servers/mqweb, I see the tpl isn't rendered. Variables in mqwebuser.xml are not replaced with the injected envs.
What I expect to happen
mqwebuser.xml.tpl should be rendered, adding the OIDC environment variables.
Troubleshooting
mqwebuser.xml.tpl is being rendered here:
err = mqtemplate.ProcessTemplateFile(mqwebDir+"/mqwebuser.xml.tpl", mqwebDir+"/mqwebuser.xml", map[string][]string{"AdminUser": adminUsers}, log)
But the environment variables defined earlier are not being passed to mqtemplate.ProcessTemplateFile.
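Added example, not part of the original issue and not the project's own code: a Go program showing the behaviour described above, under the assumption that mqtemplate.ProcessTemplateFile executes a Go text/template against the map it is given (its source is not shown on this page). The template string, the `Env` key and the helpers `collectEnv` and `render` are hypothetical, and all sample values are constructed.

```go
package main

import (
	"bytes"
	"fmt"
	"strings"
	"text/template"
)

// Constructed stand-in template; NOT the project's mqwebuser.xml.tpl.
// The .Env key is a hypothetical name for the environment-variable map.
const sampleTpl = `<openidConnectClient clientId="{{ .Env.MQ_OIDC_CLIENT_ID }}" issuerIdentifier="{{ .Env.MQ_OIDC_ISSUER_IDENTIFIER }}"/>
{{ range .AdminUser }}<user name="{{ . }}"/>{{ end }}`

// collectEnv keeps only the variables with the given prefix from a list of
// "KEY=VALUE" pairs (the format os.Environ() returns).
func collectEnv(environ []string, prefix string) map[string]string {
	out := map[string]string{}
	for _, kv := range environ {
		if k, v, ok := strings.Cut(kv, "="); ok && strings.HasPrefix(k, prefix) {
			out[k] = v
		}
	}
	return out
}

// render executes tpl against data and returns an error for any key the data
// lacks, instead of silently writing a placeholder into the output.
func render(tpl string, data map[string]interface{}) (string, error) {
	t, err := template.New("mqwebuser").Option("missingkey=error").Parse(tpl)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	if err := t.Execute(&buf, data); err != nil {
		return "", err
	}
	return buf.String(), nil
}

func main() {
	environ := []string{"MQ_OIDC_CLIENT_ID=example-client", "MQ_OIDC_ISSUER_IDENTIFIER=https://issuer.example", "PATH=/usr/bin"}
	admins := []string{"admin"}
	_, err := render(sampleTpl, map[string]interface{}{"AdminUser": admins}) // only AdminUser, as in the quoted call
	fmt.Println("AdminUser only:", err)
	out, err := render(sampleTpl, map[string]interface{}{"AdminUser": admins, "Env": collectEnv(environ, "MQ_OIDC_")})
	fmt.Println(out, err)
}
```

text/template performs no XML escaping, so values rendered into attributes need validating or escaping before they are written to the configuration file.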